The number of security incidents involving mobile devices has increased over the past year, but companies are not protecting their mobile assets as well as they do other systems. One in three organizations admitted to suffering a compromise due to a...

Digitally transforming enterprises are now able to seamlessly integrate a myriad of service providers and business partners globally through diverse private interconnections. Equinix’s Global Interconnection Index volume 2 (GXI2)...

Networking vendor Juniper Networks has rolled out a new security architecture that will connect and operate with an enterprise customer's existing stack of products.
Named ‘Juniper Connected Security’, the open platform automates...

Rapid digitalisation has resulted in a surge in both the number of endpoints and the means by which cybercriminals can infiltrate enterprise networks. Around the globe, the total financial damage due to cybercrimes is predicted to reach $8 trillion...

Topic

Global supply chains and trade networks are becoming more complex as a result of shifting patterns within the logistics industry, including changing demands of vendors and customers.
In reality, not all businesses are able to navigate these...

Public cloud services are a strategic weapon for CIOs. More than a way to cease operating data centers, the public cloud offers CIOs the ability to focus on strategic projects aimed at boosting the bottom line.
“As organizations pursue new...

Gartner names top security and risk management trends in 2019

Aalyst firm Gartner has identified what it thinks are the seven
emerging security and risk management trends for this year, that
are set to have an impact on security, privacy and risk areas.

The analyst firm said it defines these top trends as ongoing
strategic shifts in security that are not yet widely recognised,
but could have a broad impact on the industry, causing
significant disruption.

First up in the list of the trends that were highlighted by
Gartner research vice president Peter Firstbrook has to do with
risk appetite statements becoming linked to business outcomes.

One area that is gaining importance is the ability for
security and risk management leaders to effectively present
security matters to key business decision makers.

Firstbrook suggested creating simple, practical and pragmatic
risk appetite statements linked to business goals, and staying
relevant to business decisions.

The next trend was focused on security operation centres (SOCs)
being implemented with a focus on threat detection and response.
According to Gartner, by 2022, about 50 per cent of SOCs will be
transformed with integrated incident response, threat
intelligence and threat-hunting capabilities.

“DSGF provides a data-centric blueprint that identifies and
classifies data assets and defines data security policies. This
then is used to select technologies to minimise risk,” Firstbrook
said. “The key in addressing data security is to start from the
business risk it addresses, rather than from acquiring technology
first, as too many companies do.”

Passwordless authentication such as touch ID on devices, was also
continuing to gain market traction, the analyst firm noted.

“In an effort to combat hackers who target passwords to access
cloud-based applications, passwordless methods that associate
users to their devices offer increased security and usability,
which is a rare win/win for security,” he said.

Another trend on the rise, noted by Gartner was the fact that
security product vendors were increasingly offering premium
skills and training services.

This comes as the number of unfilled cyber security roles is
expected to grow from 1 million in 2018 to 1.5 million in 2020,
the analyst firm said.

“We are starting to see vendors offer solutions that are a fusion
of products and operational services to accelerate product
adoption. Services range from full management to partial support
aimed at improving administrators’ skill levels and reducing the
daily workload,” Firstbrook noted.

The analyst firm estimates that the majority of cloud security
failures will be because of customer faults in the next four
years, therefore leading way to investments being made in cloud
security competencies.

“Public cloud is a secure and viable option for many
organisations, but keeping it secure is a shared responsibility,”
he said. “Organisations must invest in security skills and
governance tools that build the necessary knowledge base to keep
up with the rapid pace of cloud development and innovation.”

Rounding out its top seven trends, Gartner put forward the
increasing presence of its own continuous adaptive risk and trust
assessment (CARTA).

“Even though it’s a multiyear journey, the idea behind CARTA is a
strategic approach to security that balances security friction
with transaction risk. A key component to CARTA is to
continuously assess risk and trust even after access is
extended,” he said.

Firstbrook pointed out that email and network security were two
examples of security domains moving toward a CARTA approach as
solutions increasingly focus on detecting anomalies even after
users and devices are authenticated.